> This is taken verbatim from the proposal that you can find here
You're taking quotes from the preamble which are not legislation. If you scroll down a little you'll find the actual text of the proposal which reads:
> The Coordinating Authority of establishment shall have the power to request the competent judicial authority of the Member State that designated it or another independent administrative authority of that Member State to issue a detection order
You see, a judge, required for a detection order to be issued. That's how the judge will be involved BEFORE detection. The authority cannot demand detection without the judge approving it.
I really dislike you way of arguing. I thought it was important to correct your misconceptions, but I do not believe you to be arguing in good faith.
Let me address your points here and to make it more explicit, let me use Meta/Facebook Messenger as an example.
> You see, a judge, required for a detection order to be issued. That's how the judge will be involved BEFORE detection. The authority cannot demand detection without the judge approving it.
Your interpretation of the judge's role is incorrect. The issue is not if a judge is involved, but what that judge is authorizing.
You are describing a targeted warrant. This proposal creates a general mandate.
Here is the the reality of the detection orders outlined by this proposal:
1: A judicial authority, based on a risk assessment, does not issue a warrant for a specific user John Doe who may be committing a crime.
2: Instead, it issues a detection order to Meta mandating that the service Messenger must be scanned for illegal content.
3: This order legally forces Meta to scan the data from all users on Messenger to find CSAM. It is a blanket mandate, not a targeted one.
This forces Facebook to implement a system to scan every single piece of data that goes through them, even if it means scanning messages before they are encrypted. Meta has now a mandate to scan everyone, all the time, forever.
Your flawed understanding is based on a traditional wiretap.
Traditional Warrant (Your View): Cops suspect Tony Soprano. They get a judge's approval for a single, time-limited wiretap on Tony's specific phone line in his house based on probable cause.
Detection Order: Cops suspect Tony “might” use his house for criminal activity. They get a judge to designate the entire house a "high-risk location." The judge then issues an order compelling the homebuilder to install 24/7 microphones in every room to record and scan all conversations from everyone (Tony, his family, his guests, his kids and so on) indefinitely.
That is the difference that I think you are not grasping here.
With E2E, Meta cannot know if CSAM is being exchanged in a message unless it can see the plain text.
To comply with this proposal, Meta will be forced to build a system that bypasses their own encryption. There is no other way.
This view is shared by security experts, privacy organizations, and legal experts.
You can read this opinion letter from a former ECJ judge who completely disagrees with your view here:
I am sorry if you think that I am arguing in bad faith. I am not.
While there is nothing I can do to make you like my arguing style, just know that I am simply trying to make you understand your misconceptions about this law.
You're taking quotes from the preamble which are not legislation. If you scroll down a little you'll find the actual text of the proposal which reads:
> The Coordinating Authority of establishment shall have the power to request the competent judicial authority of the Member State that designated it or another independent administrative authority of that Member State to issue a detection order
You see, a judge, required for a detection order to be issued. That's how the judge will be involved BEFORE detection. The authority cannot demand detection without the judge approving it.
I really dislike you way of arguing. I thought it was important to correct your misconceptions, but I do not believe you to be arguing in good faith.